<?php
$id				= gpc_getIntPost("id",$id);
$username		= gpc_getStringPost("cName");
$oldUsername    = gpc_getStringPost("oldcName");
$FirstName		= gpc_getStringPost("FirstName");
$LastName		= gpc_getStringPost("LastName");
$password 	    = gpc_getStringPost("password");
$cEmail 		= gpc_getStringPost("cEmail");
$oldEmail		= gpc_getStringPost("oldEmail");
$dBirthday 		= gpc_getStringPost("dBirthday");
$cAddress		= gpc_getStringPost("cAddress");
$cCity			= gpc_getStringPost("cCity");
$cState 		= gpc_getStringPost("cState");
$cZipCode 		= gpc_getStringPost("cZipCode");
$cCountry 		= gpc_getStringPost("cCountry");
$Gender 		= gpc_getIntPost("Gender",-1);

$cMobiPhone 	= gpc_getStringPost("cMobiPhone");
$cHomePhone 	= gpc_getStringPost("cHomePhone");
$cWorkPhone 	= gpc_getStringPost("cWorkPhone");

$GroupId 		= gpc_getIntPost("GroupId",false);
$status 		= gpc_getIntPost("iStatus",false);
$addition 		= gpc_getStringPost("cInfo");


if(empty($username) || empty($cEmail))
{
	$msg_error= "Username or Email is Empty";
	error_transfer($msg_error);
}else if(($username=="admin" || Checkuser($username)) && $username!=$oldUsername)
{
	$msg_error= "Username is Exists";
	error_transfer($msg_error);
}else if(CheckEmail($cEmail) && $oldEmail!=$cEmail)
{
	$msg_error= "Email is Exists";
	error_transfer($msg_error);
}


//save to db:
if($act=="insert")
{
    $datereg=date("Y/m/d");
    $password=gpc_Md5($password);
          //-------
    $sql_insert = "INSERT INTO tblaccount
    			(cName,cPassword,cFirstName,cLastName,dBirthday,cEmail,
    			 cAddress,cCity,cState,cZipCode,cCountry,iGender,cMobiPhone,cHomePhone,cWorkPhone,
    			 iStatus,dEntryDate,iGroupId,cInfo)
    			 VALUES
    			('$username','$password','$FirstName','$LastName','$dBirthday','$cEmail',
    			 '$cAddress','$cCity','$cState','$cZipCode','$cCountry','$Gender','$cMobiPhone','$cHomePhone','$cWorkPhone',
    			'$status','$datereg',$GroupId,'$addition')";

    $dbsql->query($sql_insert);


    Insert_Tracking(" Add new Account : $username ");
    page_transfer("Add account success !","page=$page");

}
elseif($id>0)
{
    $updatepass="";
    if($password!="")
    {
    	$updatepass="cPassword='".gpc_Md5($password)."',";
    }

    if($id==1)
    {
    	$status=false;
    	$GroupId=false;
    }

    //-----------------------------------------------------
    $sql_update = "UPDATE tblaccount SET
                    cName        = '$username',
    				cFirstName	 = '$FirstName',
    				cLastName	 = '$LastName',
    								".$updatepass."
    				cEmail		 = '$cEmail',
    				dBirthday	 = '$dBirthday',
    				cAddress	 = '$cAddress',
    				cCity		 = '$cCity',
    				cState		 = '$cState',
    				cZipCode	 = '$cZipCode',
    				cCountry	 = '$cCountry',
    				cMobiPhone	 = '$cMobiPhone',
    				cHomePhone	 = '$cHomePhone',
    				cWorkPhone	 = '$cWorkPhone',
    			".(($GroupId!==false)? "iGroupId	 = '".$GroupId."'," : "")."
    			".(($status!==false)? "iStatus ='".$status."'," : "")."
    				cInfo ='".$addition."',
    				iGender		 = '$Gender'
    				WHERE 	iAccountId	 = $id";

    $dbsql->query($sql_update);

    Insert_Tracking("Update AccInfo : $username ");
    $pagetr     = "page=$page";
    if($idadmin==$id)
    {
        $pagetr = "opt=myaccount";
    }
    page_transfer("Update Account Success !",$pagetr);
}
exit;
?>